CAS-003 문제 341
정보 보안 관리자가 갭 분석을 수행한 결과 고위험 취약성에 대한 보안 제어 구현이 75%, 중간 취약성에 대해 90%, 저위험 취약성에 대해 10%가 구현된 것으로 나타났습니다. 확인된 격차를 해소하기 위한 로드맵을 작성하기 위해 보증 팀은 각 취약점의 악용 가능성과 관련된 각 제어의 비즈니스 영향을 검토했습니다. 구현할 컨트롤을 결정하기 위해 다음 중 고려해야 할 가장 중요한 것은 무엇입니까?
CAS-003 문제 342
Following a recent network intrusion, a company wants to determine the current security awareness of all of its employees. Which of the following is the BEST way to test awareness?
CAS-003 문제 343
An accountant at a small business is trying to understand the value of a server to determine if the business can afford to buy another server for DR. The risk manager only provided the accountant with the SLE of $24,000, ARO of 20% and the exposure factor of
25%. Which of the following is the correct asset value calculated by the accountant?
25%. Which of the following is the correct asset value calculated by the accountant?
CAS-003 문제 344
An external red team member conducts a penetration test, attempting to gain physical access to a large organization's server room in a branch office. During reconnaissance, the red team member sees a clearly marked door to the server room, located next to the lobby, with a tumbler lock.
Which of the following is BEST for the red team member to bring on site to open the locked door as quickly as possible without causing significant damage?
Which of the following is BEST for the red team member to bring on site to open the locked door as quickly as possible without causing significant damage?
CAS-003 문제 345
The Chief Executive Officer )CEO) of a small company decides to use cloud computing to host critical corporate data for protection from natural disasters. The recommended solution is to adopt the public cloud for its cost savings If the CEO insists on adopting the public cloud model, which of the following would be the BEST advice?